summaryrefslogtreecommitdiff
path: root/packages/backend/src/server/api
diff options
context:
space:
mode:
Diffstat (limited to 'packages/backend/src/server/api')
-rw-r--r--packages/backend/src/server/api/SigninApiService.ts7
-rw-r--r--packages/backend/src/server/api/endpoints/admin/reset-password.ts5
-rw-r--r--packages/backend/src/server/api/endpoints/admin/show-user.ts10
3 files changed, 22 insertions, 0 deletions
diff --git a/packages/backend/src/server/api/SigninApiService.ts b/packages/backend/src/server/api/SigninApiService.ts
index 6fbcacbc11..d212e3de79 100644
--- a/packages/backend/src/server/api/SigninApiService.ts
+++ b/packages/backend/src/server/api/SigninApiService.ts
@@ -26,6 +26,7 @@ import { RateLimiterService } from './RateLimiterService.js';
import { SigninService } from './SigninService.js';
import type { AuthenticationResponseJSON } from '@simplewebauthn/types';
import type { FastifyReply, FastifyRequest } from 'fastify';
+import { isSystemAccount } from '@/misc/is-system-account.js';
@Injectable()
export class SigninApiService {
@@ -125,6 +126,12 @@ export class SigninApiService {
});
}
+ if (isSystemAccount(user)) {
+ return error(403, {
+ id: 's8dhsj9s-a93j-493j-ja9k-kas9sj20aml2',
+ });
+ }
+
const profile = await this.userProfilesRepository.findOneByOrFail({ userId: user.id });
if (!user.approved && instance.approvalRequiredForSignup) {
diff --git a/packages/backend/src/server/api/endpoints/admin/reset-password.ts b/packages/backend/src/server/api/endpoints/admin/reset-password.ts
index 828dbae712..e4bb545f5d 100644
--- a/packages/backend/src/server/api/endpoints/admin/reset-password.ts
+++ b/packages/backend/src/server/api/endpoints/admin/reset-password.ts
@@ -11,6 +11,7 @@ import type { UsersRepository, UserProfilesRepository } from '@/models/_.js';
import { DI } from '@/di-symbols.js';
import { secureRndstr } from '@/misc/secure-rndstr.js';
import { ModerationLogService } from '@/core/ModerationLogService.js';
+import { isSystemAccount } from '@/misc/is-system-account.js';
export const meta = {
tags: ['admin'],
@@ -63,6 +64,10 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
throw new Error('cannot reset password of root');
}
+ if (isSystemAccount(user)) {
+ throw new Error('cannot reset password of system account');
+ }
+
const passwd = secureRndstr(8);
// Generate hash of password
diff --git a/packages/backend/src/server/api/endpoints/admin/show-user.ts b/packages/backend/src/server/api/endpoints/admin/show-user.ts
index a7ca7f9547..2ba064b9dd 100644
--- a/packages/backend/src/server/api/endpoints/admin/show-user.ts
+++ b/packages/backend/src/server/api/endpoints/admin/show-user.ts
@@ -11,6 +11,7 @@ import { RoleService } from '@/core/RoleService.js';
import { RoleEntityService } from '@/core/entities/RoleEntityService.js';
import { IdService } from '@/core/IdService.js';
import { notificationRecieveConfig } from '@/models/json-schema/user.js';
+import { isSystemAccount } from '@/misc/is-system-account.js';
export const meta = {
tags: ['admin'],
@@ -31,6 +32,10 @@ export const meta = {
type: 'boolean',
optional: false, nullable: false,
},
+ approved: {
+ type: 'boolean',
+ optional: false, nullable: false,
+ },
autoAcceptFollowed: {
type: 'boolean',
optional: false, nullable: false,
@@ -111,6 +116,10 @@ export const meta = {
type: 'boolean',
optional: false, nullable: false,
},
+ isSystem: {
+ type: 'boolean',
+ optional: false, nullable: false,
+ },
isSilenced: {
type: 'boolean',
optional: false, nullable: false,
@@ -240,6 +249,7 @@ export default class extends Endpoint<typeof meta, typeof paramDef> { // eslint-
mutedInstances: profile.mutedInstances,
notificationRecieveConfig: profile.notificationRecieveConfig,
isModerator: isModerator,
+ isSystem: isSystemAccount(user),
isSilenced: isSilenced,
isSuspended: user.isSuspended,
isHibernated: user.isHibernated,
generated by cgit v1.2.3-freya (git 2.53.0.84.g453e7b744a) at 2026-03-03 16:21:32 +0000